Autentication handle

[crisleiria]

I have the following scenario:

• laravel 9 with Sanctun auth, Inertia and Vue as stack

• I have devextream data grids configured with odata datasources connected with several laravel Models

  Works perfectly fine, no issues here.

As my understanding, the odata endpoint created with this package, do not work with laravel auth by default. So, the endpoint http://domain.com/odata/{Model} is public by default.

I want to protect this routes.

If I set middleware to 'auth:sanctum' as the docs recomend on config/lodata.php, I need to pass the user token on the headers.

I am using Inertia, with the default sanctum auth, thru cookies and not tokens. I do not have user token on client side to pass on the odata requests. So, I end up getting "Unauthorized" requests.

I have several options here...

• Pass the token on each request thru the share method on HandleInertiaRequests class. This is not acceptable.
• Swith the login to sanctun api, as a thru SPA app. A lot of work here.
• Pass token data on login redirect from the regular login controller?

I would like to have a more elegant way to do this.... Maybe someone have already this scenario?

Thanks in advance

[27pchrisl]

Is it enough to add a different set of middleware to Lodata's config, such as 'web' so that it picks up the cookie auth ?

[crisleiria]

Is it enough to add a different set of middleware to Lodata's config, such as 'web' so that it picks up the cookie auth ?

Yes, for this scenario its enough.